SNMP Versions
Baseline
QoS
6 Steps of Incident Response
100

What does SNMP stand for?

Simple Network Management Protocol

100

What is a network baseline?

A network baseline is a snapshot or reference point of normal network performance and behavior.

100

What does QoS stand for?

Quality of Service

100

What is the first step in the incident response process?

Preparation

200

Which SNMP version introduced encryption?

SNMP v3

200

Why is establishing a baseline important?

Establishing a baseline is important to detect anomalies, identify trends, and troubleshoot performance issues effectively.

200

Name one method used to implement QoS.

Classification and Marking, Differentiated Services (DiffServ), Integrated Services (IntServ), Traffic Shaping, Bandwidth Reservation, Congestion Avoidance, Traffic Policing


200

What is the purpose of the containment step?

The containment step aims to limit the damage and prevent the incident from spreading further.

300

Describe a key difference between SNMP v1 and v3.

SNMP v1 lacks robust security features, while SNMP v3 includes authentication and encryption for secure communication.

300

How often should a network baseline be reviewed?

A network baseline should be reviewed periodically, such as quarterly or whenever significant changes are made to the network.

300

Why is QoS important for VoIP applications?

QoS ensures low latency, minimal packet loss, and consistent bandwidth, which are critical for clear and uninterrupted voice communication in VoIP applications.


300

Describe the eradication step.

Eradication involves identifying the root cause of the incident, removing the threat, and ensuring the system is clean.

400

What are the security features of SNMP v3?

SNMP v3 offers authentication, encryption, and message integrity to ensure secure communication between devices.

400

What tools can be used to establish a network baseline?

Tools like Wireshark, SolarWinds, PRTG Network Monitor, or Nagios can be used to establish a network baseline.

400

Explain the difference between traffic shaping and traffic policing.

• Traffic shaping delays packets to smooth traffic flows and stay within bandwidth limits.
• Traffic policing drops or marks packets that exceed a specified rate, enforcing limits without delay.

400

Why is the lessons learned step important?

The lessons learned step helps improve future incident response by analyzing what worked well and what needs improvement.